R Wartell, V Mohan, KW Hamlen, Z Lin - … of the 2012 ACM conference on …, 2012 - dl.acm.org
Unlike library code, whose instruction addresses can be randomized by address space layout randomization (ASLR), application binary code often has static instruction addresses …
An important security challenge is to protect the execution of security-sensitive code on legacy systems from malware that may infect the OS, applications, or system devices. Prior …
B Niu, G Tan - Proceedings of the 35th ACM SIGPLAN Conference on …, 2014 - dl.acm.org
Control-Flow Integrity (CFI) is a software-hardening technique. It inlines checks into a program so that its execution always follows a predetermined Control-Flow Graph (CFG). As …
Function type signatures are important for binary analysis, but they are not available in COTS binaries. In this paper, we present a new system called EKLAVYA which trains a …
B Niu, G Tan - Proceedings of the 22nd ACM SIGSAC Conference on …, 2015 - dl.acm.org
Control-Flow Integrity (CFI) is an effective approach to mitigating control-flow hijacking attacks. Conventional CFI techniques statically extract a control-flow graph (CFG) from a …
A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is presented, which is the first to efficiently resist code-reuse attacks launched by informed …
Until recently, it was widely believed that code randomization (such as fine-grained ASLR) can effectively mitigate code reuse attacks. However, a recent attack strategy, dubbed just-in …
While code injection attacks have been virtually eliminated on modern systems, programs today remain vulnerable to code reuse attacks. Particularly pernicious are Just-In-Time ROP …
U Erlingsson, M Abadi, M Vrable, M Budiu… - Proceedings of the 7th …, 2006 - usenix.org
XFI is a comprehensive protection system that offers both flexible access control and fundamental integrity guarantees, at any privilege level and even for legacy code in …